Cryptography-Digest Digest #37, Volume #10       Thu, 12 Aug 99 21:13:07 EDT

Contents:
  Re: Depth of Two ("Douglas A. Gwyn")
  Re: frequency of prime numbers? (Anton Stiglic)
  Re: Depth of Two (Jim Gillogly)
  Re: Future Cryptology ("Douglas A. Gwyn")
  Re: language confusion, would it work? (Mike Orceyre)
  Re: NIST AES FInalists are.... (Lee Winter)
  Blowfish Questions ([EMAIL PROTECTED])
  Re: NIST AES FInalists are.... (Lee Winter)
  Re: language confusion, would it work? (Lee Winter)
  Re: Future Cryptology (Lee Winter)
  'weak keys' in Blowfish Variant ([EMAIL PROTECTED])

----------------------------------------------------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Depth of Two
Date: Thu, 12 Aug 1999 21:39:06 GMT

Jim Gillogly wrote:
> Interesting.  For what it's worth, the generating sequence appears to be
> a straight keyboard... not quite our QWERTY one:
> QWERTZUIOASDFGHJKPYXCVBNML

Looks like the Enigma keyboard sequence to me.

> I note that there are two E's and no G on the top row.  Both E's
> are in their correct diagonal sequence.  Also no N and two V's,
> the latter also in their correct sequence.  What's <that> about?

It's not really "about" anything.  The table is just to illustrate
the diagonal property under consideration.

What happens if you push the duplicate-letter diagonal sequences
to bring the missing letters into the row?  Are all the other rows
now duplicate-free?

------------------------------

From: Anton Stiglic <[EMAIL PROTECTED]>
Subject: Re: frequency of prime numbers?
Date: Thu, 12 Aug 1999 18:24:53 -0400

karl malbrain wrote:

> Anton Stiglic <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > No, a definition is a definition, it is an axiom in a theory.  You
> > consider an axiom to be an _absolute truth_.  When putting axioms
> > together, you form theorems.  Some statements, said to be theorems,
> > are in fact false, due to some contradiction.  A definition is never
> > false.
> >
> > You have to understand what you set down as being _absolute truth_
> > (axioms) so as to base a theory; in this theory you come up with
> > theorems and contradictions stating that certain theorems are not true.
>
> No one said that the definition of prime is false.  Thanks to the
> contradiction it now includes the PROPERTY that there is no largest.
>
> The question at hand is the NATURE OF CONTRADICTIONS.  Karl M

There is no question to be asked here; the only hypothesis laid down in the
proof is that the set of primes is finite.  We arrive at a contradiction, so
the hypothesis is false.  The definition of a prime is not a hypothesis by
any means.

Anton

------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Depth of Two
Date: Thu, 12 Aug 1999 16:40:58 -0700

"Douglas A. Gwyn" wrote:
> 
> Jim Gillogly wrote:
> > I note that there are two E's and no G on the top row.  Both E's
> > are in their correct diagonal sequence.  Also no N and two V's,
> > the latter also in their correct sequence.  What's <that> about?
> 
> It's not really "about" anything.  The table is just to illustrate
> the diagonal property under consideration.
> 
> What happens if you push the duplicate-letter diagonal sequences
> to bring the missing letters into the row?  Are all the other rows
> now duplicate-free?

Yes, they'd have to be duplicate-free.

I notice also that in this square the columns do contain the full
alphabet.  I suppose we should verify that this property sticks
around if the duplicate diagonals are doctored.

How is this square used to encipher characters?

-- 
        Jim Gillogly
        20 Wedmath S.R. 1999, 23:35
        12.19.6.7.18, 10 Edznab 6 Yaxkin, Fifth Lord of Night

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Future Cryptology
Date: Thu, 12 Aug 1999 21:23:28 GMT

"SCOTT19U.ZIP_GUY" wrote:
> ... They may be busy providing false information so that the public
> will stay under the illusion that the bombing of the Chinese Embassy
> was an accident.

If it was intentional, it was an exceptionally stupid decision.

> They may also need to make more excuses why we won't go to Taiwan's
> aid when China gets the green light to invade.

No, as soon as the US knuckled under and adopted the "one China"
policy, Taiwan was doomed.

> Also they may be busy covering up other of Clinton's activities

How could NSA do that?  They're a signals intelligence agency.

> and they may be needed to come up with why we bombed the pharmacy
> in Sudan for no reason.

There was a reason, but it was based on unreliable information,
the same as a lot of things the CIA is known to have screwed up.

> They could also be busy trying to decide if we should
> get the Indians and Pakistanis to fight a war.

That's the President, State Dept., and Pentagon's business, not
an intelligence agency's.

> Of course I could be all wrong.

More likely you're simply paranoid.

If you don't have any evidence to support such speculation, then
there is no point in it.

------------------------------

Date: Thu, 12 Aug 1999 19:38:54 -0400
From: Mike Orceyre <[EMAIL PROTECTED]>
Subject: Re: language confusion, would it work?

To the original proposer (msg unavailable):
You might inspect a copy of...
Mots d'Heures: Gousses, Rames
(The d'Antin Manuscript)
ed. Luis d'Antin van Rooten
(1967) ISBN 0 14 00.5730 7
...for novelty along these lines.
I'm sure the concept is extensible along many lines.
No key(s) needed if you're polyglot :-)

Patrick Juola wrote:

> In article <7osp7a$i8a$[EMAIL PROTECTED]>,
> JvA Networks (DK) <[EMAIL PROTECTED]> wrote:
> >Well I was kind of wondering: would you be able to make a simple encryption
> >that would be good enough, simply because it would too difficult for a
> >computer algorithm to recognize the language. Say:
> >
> >I have a text in English, I replace every word with a similar looking word
> >in, say Danish (which like most Scandinavian languages is quite similar in
> >grammar to English):
> >
> >I start with: "Two penguins were walking in the park"
> >I "translate" this into something, that looks like Danish, but doesn't have
> >any relation to the meaning of the original: "Otte dinosauruser rullede på
> >en motorvej" (It means: "Eight dinosaurs were rolling on a highway")
> >Then I encrypt this text with some pretty simple scrambling and keys.
> >
> >My point is: The computer will find a text that is not English, it may
> >recognize it as Danish, and only a human who speaks the language would know
> >that it was nonsense.
>
> Actually, it would be fairly simple for a computer program to recognize
> this particular bit of Danish as nonsense; not only do letters and
> characters come in particular distributions with their neighbors, but
> so do full words.  Of course, the computer needs to be primed with
> a knowledge of real Danish.... but that's not hard.  Check out (e.g.)
> Shuetze's work on "Dimensions of Meaning" or Landauer's work on
> Latent Semantic Analysis.
>
> >So, scrambling a dictionary of 60.000 words or so and then replacing English
> >nouns with Danish nouns and English verbs with Danish verbs and so forth
> >(using one of the scrambled dictionaries). The weak point is that the
> >recipient needs to know which of the scrambled dictionaries was used,
> >otherwise he/she will end up with a Danish/Swedish/Norwegian text that
> >didn't make any sense, but would look all right if you used a statistical
> >approach.
> >
> >You could also scramble an English dictionary first, replacing English nouns
> >with other English nouns etc, and then use one of the scrambled Danish
> >dictionaries to make the final text (which may be encrypted further). The only
> >really weak point (as I see it) would be that the recipient would have to
> >know your exact procedure and which dictionaries were used.
> >
> >Why do this? Well it would need human interaction to tell the computer that
> >the text it had decoded (if you encrypt your text in a nonsafe algorithm
> >afterwards), didn't make any sense. But if it was a huge system that
> >intercepted e-mails, decoded them, stored them in a database and sorted them
> >by keywords, then this method would soon screw up the database, right?
> >
> >I think this might be a good approach, since computers can break most
> >algorithms given the time, but right now, it cannot see what is nonsense and
> >what isn't as long as it follows the rules of the grammar in the languages.
>
> What's the "key" in this system?  You can't assume that you'll keep the
> method secret; that's impractical.  And once the cryptanalyst learns that
> you're using a linguistic code with superencipherment, he can crack it
> fairly easily.  More easily, in fact, than if you were just using random
> strings -- you're preserving part of speech, grammatical structure,
> and even some word classes (e.g. dinosaur/penguin are both animate).
>
>         -kitten


------------------------------

Date: Fri, 13 Aug 1999 20:16:16 -0400
From: Lee Winter <[EMAIL PROTECTED]>
Subject: Re: NIST AES FInalists are....

[EMAIL PROTECTED] wrote:

> In article <[EMAIL PROTECTED]>,
>   Matt Curtin <[EMAIL PROTECTED]> wrote:
> > (...)
> > In light of the release of SKIPJACK specifications and the success of
> > an attack on a 31-round variant, it has been suggested that the
> > cryptographic expertise "out here" might have caught up to that "in
> > there".  If NSA knew about attacks using impossible differentials and
> > applied the technique to SKIPJACK reduced by one round, blessing it as
> > secure would be an incompetent blunder.
> > (...)
>
> I think there are several logical errors in this argument.

Since this is your introduction I cannot resist...

> First of all, "a successful cryptanalytic attack" can mean widely
> different things. NSA's business is to protect or expose secrets in the
> real world, not to publish academic papers describing theoretical
> attacks. No matter how theoretically interesting an attack, from NSA's
> point of view it is worthless if it is not capable of recovering the
> plaintext or the key. Skipjack is almost susceptible to impossible
> differentials, a theoretical attack discovered in the public sector,
> but within NSA's frame of mind this is of little real consequence.
>
> Secondly, the fact that Skipjack resists impossible differentials at
> the minimum number of rounds makes one think that they did previously
> know about this attack. After all, DES has just sufficient rounds for
> resisting differential attacks and we know for a fact that its
> designers knew about this attack many years before it became public. By
> the way it is probable that Skipjack is strong against attacks that NSA
> knows about but we in the public sector don't - in fact Skipjack
> appears to be quite strong against power attacks, a type of practical
> attack discovered only very recently.
>
> Thirdly, Skipjack was meant for public consumption. Certainly NSA's
> methodology for designing a cipher for the public is different from
> their state of the art for designing military grade ciphers. It is
> difficult to believe that NSA would present to the world a cipher that
> they themselves cannot break in praxis, i.e. recover the key or
> plaintext under real world conditions. At the same time this cipher
> should be strong enough to resist *practical* attacks developed in the
> public sector. So, a cipher like Skipjack represents a very special
> kind of design requirements.
>
> There is no doubt in my mind that NSA is much more advanced in
> cryptology than the public sector - people who know what they can do
> keep approving their gargantuan budget, which means that they are
> earning it.

Do you feel the same way about the Department of Agriculture, Energy, or
Housing and Urban Development?  Talk about a logical error!

> It is incredible to believe that the public sector with a
> small fraction of the resources of NSA could achieve a comparable level
> of knowledge. The big picture of course is that on the one hand there
> is a very advanced and costly agency developing technology of great
> importance for the information society of the future, and on the other
> hand the technology that will in fact be used will come from the much
> smaller and underfinanced academic sector. To my mind this is grossly
> inefficient. In fact I believe everybody's security and wellbeing would
> increase if NSA were allowed to make public their state of the art
> knowledge. Knowledge gives power, but a world where knowledge is shared
> by all is ultimately more secure.
>
> Meanwhile the academic community has not really broken any nontrivial
> symmetric cipher (including the 30 years old DES) in a nontrivial
> manner. The AES process has absorbed the conventional wisdom about a
> cipher's relative strength, which is: if we have to choose between two
> ciphers and we know about a theoretical flaw in one and we don't know
> about even a theoretical flaw in the other then we must consider the
> second one more secure. This is a reasonable strategy, even though it
> is a bad predictor of how the competing ciphers will fare against an
> unknown type of attack that may be discovered in the future. In fact, I
> believe the only reasonable way to predict a cipher's resistance
> against publicly unknown attacks is its simplicity of design (or else
> assume that somebody from the NSA is secretly helping the designer).
> The conceptually most simple AES candidate is my doomed Frog; the most
> simple AES finalist is probably RC6, followed by Rijndael. In fact, my
> guess is that unless some theoretical flaw is discovered in them during
> the next 12 months or so, these two will be the AES winners.
>
> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.

------------------------------

From: [EMAIL PROTECTED]
Subject: Blowfish Questions
Date: Fri, 13 Aug 1999 00:15:25 GMT

1.  Does the round key have to be mixed with the other register like

a ^= r[i]
b ^= f(a)

Or can it be done like:

a ^= f(b) + r[2i]
b ^= f(a) + r[2i+1]

I would not think so, but I can't tell (from what I see they give out
the same information).

Also I wrote a Blowfish Clone with a much faster and simpler key
schedule (runs at about 5000 cycles I can get more exact figures if you
want).  I am going to test it and look for sboxes with matching entries
and see if it's at least 2^-14 like in Blowfish.  The one obvious
problem is that it's linear (i.e. learning some portion of the expanded
key gives you knowledge to learn the rest) but I don't know if that
hinders security either, since you would have to learn the original
seed (the key), which is the same as brute force anyway.  Also the
input key is fixed at 32 bytes (256 bits, pad with zeros if required)
which reduces the flexibility (from 8 to 256 bits).

It's at:  http://people.goplay.com/tomstdenis/bfclone.c

I would appreciate any feedback if possible.

Thanks,
Tom
--
PGP 6.0.2i Key
http://mypage.goplay.com/tomstdenis/key.pgp
PGP 2.6.2  Key
http://mypage.goplay.com/tomstdenis/key_rsa.pgp


------------------------------

Date: Fri, 13 Aug 1999 20:20:03 -0400
From: Lee Winter <[EMAIL PROTECTED]>
Subject: Re: NIST AES FInalists are....

Tim Lavoie wrote:

> In article <7ot0jq$lf$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>
> > [ snip ]        If the NSA can read my
> >letters so be it (or the Canadian counterparts ...).
>
> Sure, but there's no reason to make it any easier for them now, is there?
> A sturdy envelope is always better than a postcard after all.
>
> Besides, I'd be happier anyway if e-mail and other electronic traffic
> had the same kind of legislative protection afforded to my Snail Mail.

Would you settle for a parallel statement such as "while in the custody of
<ISP> no one shall <list of verbs applying to email> your messages"?  This is
essentially what the USPO promises with respect to their custodial duties.

Of course they do not mention that they surrender custody of your mail to any
other agency on request, and what happens to it while in the custody of those
agencies is not relevant to the USPO.


------------------------------

Date: Fri, 13 Aug 1999 20:09:52 -0400
From: Lee Winter <[EMAIL PROTECTED]>
Subject: Re: language confusion, would it work?

Patrick Juola wrote:

> In article <7oumbu$qr7$[EMAIL PROTECTED]>,
> JvA Networks (DK) <[EMAIL PROTECTED]> wrote:
> >
> >Patrick Juola wrote in message <7ouj25$e1i$[EMAIL PROTECTED]>...
> >>>But that would still require a human interaction, right? As far as I know
> >>>there are no computer programs which are able to distinguish whether the
> >>>meaning of a text makes sense or not.
> >>
> >>As I pointed out, this is incorrect; there are several such programs
> >>out there.
> >
> >
> >Well, why are those programs not used for computer-based text translations?
>
> They are.  But selecting the correct (non-gibberish) phrase is a much
> harder task than merely identifying gibberish -- just as it's easier
> to see at a glance that a jigsaw puzzle isn't correctly assembled
> than it is to assemble the puzzle.
>
> But one of the big applications for which they are being used is
> synonym selection.  "Word sense disambiguation", if you like.  I think
> I first saw them used for that purpose in '91.
>
> >So, again, my point is: With the current capabilities of databases, it is
> >almost impossible for a computer to find anything wrong with the sentence:
> >"Tables grow on trees".
>
> Wrong, sir.  Well, spuriously right, sir -- the single sentence you
> cite is far too short for any reliable statistics to be drawn from it.
> But if you had several paragraphs or pages to hand, your computer could
> observe that far too many sentences that had the word "table*" in it
> had the word "tree*" and vice versa.
>
> You're basically way off on the capacities of modern databases.  We
> know about word linkages; we've known since the 1950's that "you shall
> know a word by the company it keeps."  We have enough data now to actually
> measure a word's "company."  From there it's not too difficult to observe
> whether or not most of the content words of a document are in unusual
> company.

I believe the Houghton-Mifflin Co product, Correct Text, has these
capabilities.  It can provide far more than just grammar correction.

------------------------------

Date: Fri, 13 Aug 1999 20:32:09 -0400
From: Lee Winter <[EMAIL PROTECTED]>
Subject: Re: Future Cryptology

Douglas A. Gwyn wrote:

> [EMAIL PROTECTED] wrote:
> > Well, this brings up an interesting point.  They may not be out to get YOU,
> > but how do you know they don't deem certain people as a risk?  I mean if you
> > think about it, if you have all that technology and man power, why not
> > follow the potential trouble makers too?
>
> Several reasons, including
>         (1) It's against the law and their charter to spy on citizens
>             within the US;
>         (2) They don't have resources to waste on such low-return spying.

(1) It was against the law to spy on the first transatlantic telegraph cable too,
but the "arrangement" was in place before the first customer message was sent.

(2) It is precisely this kind of activity, low-return or not, that threatens the
citizens most.  Road blocks are an incredibly inefficient method for deterring
drunks.  But police departments want them badly.  Why?  Think about it.

Since the telephone and internet sweeping can be thoroughly automated it is cheap
and offers the possibility of finding tidbits due to careless transmission.  It's
a roadblock for messages.

It is precisely the kind of statement that you made above that misleads the
citizens with respect to the actions of their government.  I suspect you made the
statement knowing it is misleading, intending to mislead.

In short, I question your sincerity.  You are full of shit.


------------------------------

From: [EMAIL PROTECTED]
Subject: 'weak keys' in Blowfish Variant
Date: Fri, 13 Aug 1999 00:38:18 GMT

Whoa... that got me upset.  I did a small test on my Blowfish clone
(see previous post) and it turns out about 1 in 4 keys
make 'collisions' in the sboxes where two elements are equal.  I would
like another person to test it (maybe I am wrong).

Can anyone think of why?

Thanks,
Tom
--
PGP 6.0.2i Key
http://mypage.goplay.com/tomstdenis/key.pgp
PGP 2.6.2  Key
http://mypage.goplay.com/tomstdenis/key_rsa.pgp

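An added example (my own code, not Tom's bfclone.c or anything from these posts) serving both the S-box collision test described in the "Blowfish Questions" post and the 1-in-4 observation above: it scans 4x256 tables of 32-bit words for repeated entries, computes the exact birthday-bound collision rate that uniformly random S-boxes would show, and measures the rate over many keys for a constructed stand-in key schedule, once with full 32-bit words and once with words truncated to 16 bits to mimic a schedule whose effective internal state is too narrow. The stand-in schedule (SHA-256 in counter mode) and the test keys are assumptions for illustration only, not Blowfish's schedule or the clone's.

```python
import hashlib

N_SBOXES, ENTRIES, WORD_BITS = 4, 256, 32   # Blowfish-style S-box geometry


def find_collisions(sbox):
    """Return [(i, j), ...] with i < j and sbox[i] == sbox[j]."""
    first_seen, dups = {}, []
    for i, word in enumerate(sbox):
        if word in first_seen:
            dups.append((first_seen[word], i))
        else:
            first_seen[word] = i
    return dups


def expected_collision_rate(n_sboxes=N_SBOXES, entries=ENTRIES, word_bits=WORD_BITS):
    """Exact birthday probability that at least one of n_sboxes uniformly
    random S-boxes (each `entries` words of `word_bits` bits) repeats a word.
    This is the baseline a sound key schedule should match."""
    space = 2 ** word_bits
    p_box_unique = 1.0
    for k in range(entries):
        p_box_unique *= (space - k) / space
    return 1.0 - p_box_unique ** n_sboxes


def derive_sboxes(key, word_bits=WORD_BITS):
    """Constructed stand-in for a key schedule (assumption, not Blowfish's):
    each word is a counter-mode SHA-256 output truncated to word_bits.
    With word_bits=32 the words are effectively uniform; a smaller value
    mimics a schedule whose internal state is too narrow, which inflates
    collisions far beyond the birthday baseline."""
    mask = (1 << word_bits) - 1
    return [[int.from_bytes(hashlib.sha256(key + bytes([s, i])).digest()[:4], "big") & mask
             for i in range(ENTRIES)] for s in range(N_SBOXES)]


def collision_rate(n_keys, word_bits=WORD_BITS):
    """Fraction of constructed test keys whose S-boxes contain any collision."""
    hits = 0
    for k in range(n_keys):
        key = k.to_bytes(32, "big")          # 256-bit keys, as in the clone
        if any(find_collisions(box) for box in derive_sboxes(key, word_bits)):
            hits += 1
    return hits / n_keys


if __name__ == "__main__":
    print(f"expected for uniform 32-bit S-boxes: {expected_collision_rate():.2e}")
    print(f"observed, 32-bit words, 200 keys:     {collision_rate(200):.3f}")
    print(f"observed, 16-bit words, 200 keys:     {collision_rate(200, 16):.3f}")
```

A rate far above the birthday estimate, as in the 1-in-4 figure, points at the key schedule rather than at bad luck: uniformly random 32-bit S-boxes collide for only about one key in 2^15.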

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************